Security researchers recently disclosed a new Android banking trojan, Sturnus, capable of full device takeover and bypassing encrypted-messaging protections. Once installed, often via malicious APKs or social-engineering lures, it captures decrypted chats from apps like WhatsApp, Telegram and Signal by reading screen output, then executes overlay attacks to harvest banking credentials and enable fraudulent transactions. Its emergence highlights how mobile endpoints, even in secure messaging contexts, are increasingly leveraged for fraud, underscoring the urgent need for cautious app sourcing, minimal permissions, and ongoing device-behavior monitoring.
Read the full analysis here.
